author | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2007-12-24 10:29:57 +0000 |
commit | c3e531b12b2335b7fa5a6bcc9a309d3c523ff64b (patch) | |
tree | b72c0867348e7e7914d64af6fc5e25c728922e03 /clientloop.c | |
parent | 6b222fdf3cb54c11a446df38e027fe7acf2220cb (diff) | |
parent | 70847d299887abb96f8703ca99db6d817b78960e (diff) |
* New upstream release (closes: #453367).
- CVE-2007-4752: Prevent ssh(1) from using a trusted X11 cookie if
creation of an untrusted cookie fails; found and fixed by Jan Pechanec
(closes: #444738).
- sshd(8) in new installations defaults to SSH Protocol 2 only. Existing
installations are unchanged.
- The SSH channel window size has been increased, and both ssh(1) and
sshd(8) now send window updates more aggressively. This improves
performance on high-BDP (Bandwidth Delay Product) networks.
- ssh(1) and sshd(8) now preserve MAC contexts between packets, which
saves 2 hash calls per packet and results in 12-16% speedup for
arcfour256/hmac-md5.
- A new MAC algorithm has been added, UMAC-64 (RFC4418) as
"umac-64@openssh.com". UMAC-64 has been measured to be approximately
20% faster than HMAC-MD5.
- Failure to establish a ssh(1) TunnelForward is now treated as a fatal
error when the ExitOnForwardFailure option is set.
- ssh(1) returns a sensible exit status if the control master goes away
without passing the full exit status.
- When using a ProxyCommand in ssh(1), set the outgoing hostname with
gethostname(2), allowing hostbased authentication to work.
- Make scp(1) skip FIFOs rather than hanging (closes: #246774).
- Encode non-printing characters in scp(1) filenames. These could cause
copies to be aborted with a "protocol error".
- Handle SIGINT in sshd(8) privilege separation child process to ensure
that wtmp and lastlog records are correctly updated.
- Report GSSAPI mechanism in errors, for libraries that support multiple
mechanisms.
- Improve documentation for ssh-add(1)'s -d option.
- Rearrange and tidy GSSAPI code, removing server-only code being linked
into the client.
- Delay execution of ssh(1)'s LocalCommand until after all forwardings
have been established.
- In scp(1), do not truncate non-regular files.
- Improve exit message from ControlMaster clients.
- Prevent sftp-server(8) from reading until it runs out of buffer space,
whereupon it would exit with a fatal error (closes: #365541).
- pam_end() was not being called if authentication failed
(closes: #405041).
- Manual page datestamps updated (closes: #433181).
Diffstat (limited to 'clientloop.c')
-rw-r--r-- | clientloop.c | 89 |
1 files changed, 71 insertions, 18 deletions
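--- a/clientloop.c
+++ b/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.178 2007/02/20 10:25:14 djm Exp $ */
+/* $OpenBSD: clientloop.c,v 1.181 2007/08/15 08:14:46 markus Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -290,19 +290,29 @@ client_x11_get_proto(const char *display, const char *xauth_path,
 generated = 1;
 }
 }
-snprintf(cmd, sizeof(cmd),
-"%s %s%s list %s 2>" _PATH_DEVNULL,
-xauth_path,
-generated ? "-f " : "" ,
-generated ? xauthfile : "",
-display);
-debug2("x11_get_proto: %s", cmd);
-f = popen(cmd, "r");
-if (f && fgets(line, sizeof(line), f) &&
-sscanf(line, "%*s %511s %511s", proto, data) == 2)
-got_data = 1;
-if (f)
-pclose(f);
+
+/*
+* When in untrusted mode, we read the cookie only if it was
+* successfully generated as an untrusted one in the step
+* above.
+*/
+if (trusted || generated) {
+snprintf(cmd, sizeof(cmd),
+"%s %s%s list %s 2>" _PATH_DEVNULL,
+xauth_path,
+generated ? "-f " : "" ,
+generated ? xauthfile : "",
+display);
+debug2("x11_get_proto: %s", cmd);
+f = popen(cmd, "r");
+if (f && fgets(line, sizeof(line), f) &&
+sscanf(line, "%*s %511s %511s", proto, data) == 2)
+got_data = 1;
+if (f)
+pclose(f);
+} else
+error("Warning: untrusted X11 forwarding setup failed: "
+"xauth key data not generated");
 }
 
 if (do_unlink) {
@@ -940,7 +950,7 @@ process_cmdline(void)
 cmd = s = read_passphrase("\r\nssh> ", RP_ECHO);
 if (s == NULL)
 goto out;
-while (*s && isspace(*s))
+while (isspace(*s))
 s++;
 if (*s == '-')
 s++; /* Skip cmdline '-', if any */
@@ -987,9 +997,8 @@ process_cmdline(void)
 goto out;
 }
 
-s++;
-while (*s && isspace(*s))
-s++;
+while (isspace(*++s))
+;
 
 if (delete) {
 cancel_port = 0;
@@ -1781,6 +1790,50 @@ client_request_agent(const char *request_type, int rchan)
 return c;
 }
 
+int
+client_request_tun_fwd(int tun_mode, int local_tun, int remote_tun)
+{
+Channel *c;
+int fd;
+
+if (tun_mode == SSH_TUNMODE_NO)
+return 0;
+
+if (!compat20) {
+error("Tunnel forwarding is not support for protocol 1");
+return -1;
+}
+
+debug("Requesting tun unit %d in mode %d", local_tun, tun_mode);
+
+/* Open local tunnel device */
+if ((fd = tun_open(local_tun, tun_mode)) == -1) {
+error("Tunnel device open failed.");
+return -1;
+}
+
+c = channel_new("tun", SSH_CHANNEL_OPENING, fd, fd, -1,
+CHAN_TCP_WINDOW_DEFAULT, CHAN_TCP_PACKET_DEFAULT, 0, "tun", 1);
+c->datagram = 1;
+
+#if defined(SSH_TUN_FILTER)
+if (options.tun_open == SSH_TUNMODE_POINTOPOINT)
+channel_register_filter(c->self, sys_tun_infilter,
+sys_tun_outfilter);
+#endif
+
+packet_start(SSH2_MSG_CHANNEL_OPEN);
+packet_put_cstring("tun@openssh.com");
+packet_put_int(c->self);
+packet_put_int(c->local_window_max);
+packet_put_int(c->local_maxpacket);
+packet_put_int(tun_mode);
+packet_put_int(remote_tun);
+packet_send();
+
+return 0;
+}
+
 /* XXXX move to generic input handler */
 static void
 client_input_channel_open(int type, u_int32_t seq, void *ctxt)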
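Review bot: In the new client_request_tun_fwd (last hunk), the filter registration under `#if defined(SSH_TUN_FILTER)` tests the global `options.tun_open` while every other step of the function, including the tun_open() call and the mode sent to the peer, uses the `tun_mode` parameter, so a caller passing a mode other than the configured one would open the device in one mode and filter it for another; `if (tun_mode == SSH_TUNMODE_POINTOPOINT)` keeps the function self-contained. The protocol-1 message also has a typo, `error("Tunnel forwarding is not supported for protocol 1");`. Since the description says a failed TunnelForward is now fatal under ExitOnForwardFailure, the return contract deserves a header comment stating that 0 means the request was sent (or tun_mode was SSH_TUNMODE_NO, a no-op) and -1 means no request was sent because of the protocol-1 check or a tun_open() failure, so callers can treat -1 as the "forward failed" signal. The result of channel_new() is dereferenced without a NULL check; presumably it fatal()s on allocation failure like the other channel_new callers, but if it can return NULL a guard is needed before `c->datagram = 1;`.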